Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    External transparent proxy?

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    5 Posts 2 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      clarknova
      last edited by

      I would like to run squid on an external (to pfsense) LAN host and have it proxy transparently for LAN and OPT1 hosts. Is this possible, perhaps using redirect on pfsense to divert outbound connections to said LAN proxy host?

      db

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        You can't do that if the squid box is on the same interface as the clients it is to proxy, because you can't redirect back out the same interface that the traffic enters.

        If you have a third internal interface or VLAN to put the squid box on, you can redirect it in the way you describe.

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • C
          clarknova
          last edited by

          That would work. Is it just a matter of installing the redirect package then adding a rule to redirect dport 80 to proxy:3128 then?

          db

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            no need for a package. Just add a port forward on the LAN (and OPT1) interface, with an 'external address' of 'any' and destination port 80, and the NAT IP would be the squid box, and whatever port you have squid running on.

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • C
              clarknova
              last edited by

              Sometimes it's even easier than we imagine. Thanks for your help.

              db

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.